SSV:15137
Expat big2_toUtf8() Function XML File Parsing Denial of Service Vulnerability
Published: 2009-12-24 00:00:00
Author: Root
Source: www.seebug.org
EPSS: 0.013 (Low), percentile 84.1%

BUGTRAQ ID: 37203
CVE ID: CVE-2009-3560

Expat is an XML parser library written in C.

The big2_toUtf8 function in Expat's lib/xmltok.c contains a denial of service vulnerability. If a user is tricked into opening an XML document that contains malformed UTF-8 sequences, an out-of-bounds buffer read is triggered in the doProlog function in lib/xmlparse.c, crashing any application linked against the Expat library.
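As an added example (this is not Expat's code and not part of the advisory), the following C function shows the defensive pre-check a practitioner can run on untrusted input before handing it to a parser that has not yet been patched: it rejects the malformed and truncated UTF-8 sequences that this class of bug is triggered by. It assumes the document is UTF-8 encoded; the sample documents are constructed inline.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Strict UTF-8 validator (added example; not Expat code).
 * Returns 0 when the buffer is well-formed UTF-8, otherwise the
 * 1-based offset of the first bad byte. Rejects stray continuation
 * bytes, overlong forms, UTF-16 surrogates, code points above
 * U+10FFFF, and sequences cut off by the end of the buffer. */
size_t utf8_first_error(const unsigned char *p, size_t len)
{
    size_t i = 0;
    while (i < len) {
        unsigned char b = p[i];
        size_t need = 0;                     /* continuation bytes */
        unsigned char lo = 0x80, hi = 0xBF;  /* bounds for 2nd byte */
        if (b < 0x80) { i++; continue; }     /* plain ASCII */
        else if (b >= 0xC2 && b <= 0xDF) need = 1;
        else if (b == 0xE0) { need = 2; lo = 0xA0; } /* no overlongs */
        else if (b >= 0xE1 && b <= 0xEC) need = 2;
        else if (b == 0xED) { need = 2; hi = 0x9F; } /* no surrogates */
        else if (b >= 0xEE && b <= 0xEF) need = 2;
        else if (b == 0xF0) { need = 3; lo = 0x90; } /* no overlongs */
        else if (b >= 0xF1 && b <= 0xF3) need = 3;
        else if (b == 0xF4) { need = 3; hi = 0x8F; } /* <= U+10FFFF */
        else return i + 1;  /* 0x80-0xC1, 0xF5-0xFF can never lead */
        /* Truncated sequence: the lead byte promises more bytes than
         * remain. A converter that trusts the lead byte would read past
         * the end of its input here, so reject it outright. */
        if (len - i - 1 < need) return i + 1;
        if (p[i + 1] < lo || p[i + 1] > hi) return i + 2;
        for (size_t k = 2; k <= need; k++)
            if ((p[i + k] & 0xC0) != 0x80) return i + k + 1;
        i += need + 1;
    }
    return 0;
}

/* Convenience wrapper for NUL-terminated sample input. */
size_t utf8_first_error_str(const char *s)
{
    return utf8_first_error((const unsigned char *)s, strlen(s));
}

int main(void)
{
    /* Constructed samples: a well-formed document, and one whose last
     * character (U+20AC, 3 bytes) is cut short after two bytes. */
    const char *ok  = "<?xml version=\"1.0\"?><a>\xE2\x82\xAC</a>";
    const char *cut = "<?xml version=\"1.0\"?><a>\xE2\x82";
    printf("ok : first error at %zu\n", utf8_first_error_str(ok));  /* 0 */
    printf("cut: first error at %zu\n", utf8_first_error_str(cut)); /* 25 */
    return 0;
}
```

A non-zero return means the document should be refused (or logged) rather than passed to XML_Parse.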

James Clark Expat 2.0.1
Vendor patches:

Debian

Debian has released a security advisory (DSA-1953-1) and corresponding patches for this issue:
DSA-1953-1: New expat packages fix denial of service
Link: http://www.debian.org/security/2009/dsa-1953

Patch download:

Debian GNU/Linux 5.0 alias lenny (stable)

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Patch installation method:

  1. Install the patch package manually:

First, download the patch with the following command:

wget url (url is the patch download link)

Then install the patch with the following command:

dpkg -i file.deb (file is the name of the corresponding patch package)

  2. Install the patch package automatically with apt-get:

First, update the local package database with the following command:

apt-get update

Then install the updated packages with the following command:

apt-get upgrade

RedHat

RedHat has released a security advisory (RHSA-2009:1625-01) and corresponding patches for this issue:
RHSA-2009:1625-01: Moderate: expat security update
Link: https://www.redhat.com/support/errata/RHSA-2009-1625.html

Sun

Sun has released a security advisory (Sun-Alert-6905480) and corresponding patches for this issue:
Sun-Alert-6905480: Multiple Security Vulnerabilities in the libexpat Library May Lead to a Denial of Service (DoS) Condition
Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1

James Clark

The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's homepage:

http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165